exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4673-1

Debian Security Advisory 4673-1
Posted May 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4673-1 - Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling and code execution in the AJP connector (disabled by default in Debian).

tags | advisory, web, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-17569, CVE-2020-1935, CVE-2020-1938
SHA-256 | ba3d584d4fdc2ced4b9b9288a441018d4480428ec0d74e435018d2230c3f1349

Debian Security Advisory 4673-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4673-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 03, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tomcat8
CVE ID : CVE-2019-17569 CVE-2020-1935 CVE-2020-1938

Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling and code execution
in the AJP connector (disabled by default in Debian).

For the oldstable distribution (stretch), these problems have been fixed
in version 8.5.54-0+deb9u1.

We recommend that you upgrade your tomcat8 packages.

For the detailed security status of tomcat8 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tomcat8

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6vDOEACgkQEMKTtsN8
TjaAFRAAoAKw1AMWyaBUnxXpVwYqKvQ4CXcJxHCIAAFSQdMDLosTcKToyE3bzv13
UWZ1O7q4uMYhbyJv+bHzu4QTvWKAHAr/X8rdIe5d9FpzBGczWzAVOby4nLuXHSOj
Y83IdXtXM3DopRcqPS8dUzcoQ8U+fOcmZeIB48IAqbMW+Okum8yxjDW1fVx+hl07
oAOg8tJwdRddGq1/l1hjgsDqqN4y56rG9YNLNGHDrWI8z1iN5Wxf5mGoJjd+ebbc
gSRBxt5UYbiqE1FHVmM2EhSwoCsglYIKWYZQC1cg1WvoKDbqKpXB5TRYGWpB/FDN
5EPqEDJkiNf0+03mg+sa6ccY0bEDNJdZOiQKydopVu4Mh1BQ2oEQfBIc4eXPKCmK
0vV0Wdyfl1jQF4yo4vo7yQr4wbAJjLWJcg6pc/k4pwwZ2/wbnX/vbK+t0GpXfjnl
wPLp47H5Rg9/2xly4zbdRJxA5rS1tQ3ykLCkF5AA4kCLTwXsiFgFD5Ec3va9hw9h
VU15HO9UHDb8PUGGMTVCJzzBIdIREp3zjGI5g4TGU40BubdDaB20cmvKDrl5PFig
rco9lTz9K3ngBRgVs5gNGMCaRhcT90sWuNlMoSFeKx1GMknIMdMjuiVkMpMwdvO/
xZpvx+f3wL09FWzDBcObPxdFzLi0kA8L+refmEJ9jifzwnPWJX4=
=nZPM
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close